summaryrefslogtreecommitdiff
path: root/oox/source/crypto
AgeCommit message (Collapse)Author
2022-08-02clang-tidy modernize-pass-by-value in ooxNoel Grandin
Change-Id: Ia553a24693f2ffc0f580c9869b82f0d01a1a0ffb Reviewed-on: https://gerrit.libreoffice.org/c/core/+/137693 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2022-04-14use more string_view in ooxNoel Grandin
Change-Id: I25fe1cbfae43bb533e7dfc2561d0b70976aa6a40 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132985 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2021-10-14Avoid COW overhead using css::uno::SequenceMike Kaganski
The scenarios are: 1. Calling sequence's begin() and end() in pairs to pass to algorithms (both calls use getArray(), which does the COW checks) 2. In addition to #1, calling end() again when checking result of find algorithms, and/or begin() to calculate result's distance 3. Using non-const sequences in range-based for loops, which internally do #1 4. Assigning sequence to another sequence variable, and then modifying one of them In many cases, the sequences could be made const, or treated as const for the purposes of the algorithms (using std::as_const, std::cbegin, and std::cend). Where algorithm modifies the sequence, it was changed to only call getArray() once. For that, css::uno::toNonConstRange was introduced, which returns a struct (sublclass of std::pair) with two iterators [begin, end], that are calculated using one call to begin() and one call to getLength(). To handle #4, css::uno::Sequence::swap was introduced, that swaps the internal pointer to uno_Sequence. So when a local Sequence variable should be assigned to another variable, and the latter will be modified further, it's now possible to use swap instead, so the two sequences are kept independent. The modified places were found by temporarily removing non-const end(). Change-Id: I8fe2787f200eecb70744e8b77fbdf7a49653f628 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123542 Tested-by: Jenkins Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2021-09-01clang-tidy:readability-redundant-member-initNoel Grandin
Change-Id: I78339f1df1f0c55c7edaa552940b07d1ada3aeb5 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/121386 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2021-06-05Potentially uninitialized local variable 'aEvpMd' usedJulien Nabet
Seen on Win10: cd C:/cygwin/home/serva/lode/dev/core/oox && C:/cygwin/home/serva/lode/opt/bin/make -j 1 -rs build [build DEP] LNK:Library/ooxlo.dll [build CXX] oox/source/crypto/CryptTools.cxx C:\cygwin\home\serva\lode\dev\core\oox\source\crypto\CryptTools.cxx(122) : error C2220: the following warning is treated as an error C:\cygwin\home\serva\lode\dev\core\oox\source\crypto\CryptTools.cxx(122) : warning C4701: potentially uninitialized local variable 'aEvpMd' used C:\cygwin\home\serva\lode\dev\core\oox\source\crypto\CryptTools.cxx(122) : warning C4703: potentially uninitialized local pointer variable 'aEvpMd' used make[1]: *** [C:/cygwin/home/serva/lode/dev/core/solenv/gbuild/LinkTarget.mk:301: C:/cygwin/home/serva/lode/dev/core/workdir/CxxObject/oox/source/crypto/CryptTools.o] Error 2 make: *** [Makefile:122: oox.build] Error 2 Change-Id: Id9409c95aa3edf866671ef8418e7ade3cbc1e718 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/116740 Tested-by: Jenkins Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
2020-11-30loplugin:stringviewparam include comparisons with string literalsNoel
Change-Id: I8ba1214500dddaf413c506a4b82f43d63cda804b Reviewed-on: https://gerrit.libreoffice.org/c/core/+/106559 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2020-11-24loplugin:stringviewparam extend to comparison operatorsNoel
which means that some call sites have to change to use unicode string literals i.e. u"foo" instead of "foo" Change-Id: Ie51c3adf56d343dd1d1710777f9d2a43ee66221c Reviewed-on: https://gerrit.libreoffice.org/c/core/+/106125 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2020-11-19tdf#123936 Formatting files in module oox with clang-formatPhilipp Hofer
Change-Id: Ie061189450e0f9004ca503bb28164885812f2acc Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105694 Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com> Tested-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
2020-11-10tdf#42949 Fix new IWYU warnings in directories [h-r]*Gabor Kelemen
Found with bin/find-unneeded-includes Only removal proposals are dealt with here. Change-Id: I886b6f446293d3b1cfbf4ae05e8dbd7fabab9f20 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105510 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-10-04ofz#26128 check at start instead of end if encryptedHashValue is too smallCaolán McNamara
Change-Id: I10774802c96f6f0912a4ee3bf9a6a2a9482b7c94 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103918 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com>
2020-09-24Fix endianness issues in OOX crypto routinesStephan Bergmann
...without which CppunitTest_sw_ooxmlencryption failed on (big-endian) s390x: * The 32-bit segment counter in AgileEngine::de-/encrypt apparently needs to be stored in LSB format (at least, if it is, CppunitTest_sw_ooxmlencryption ultimately succeeded, whereas otherwise it failed). * The UTF-16 string in Standard2007Engine::calculateEncryptionKey apparently needs to be in LSB format (at least, if it is, CppunitTest_sw_ooxmlencryption ultimately succeeded, whereas otherwise it failed). * The various 32-bit values in the EncryptionStandardHeader and EncryptionVerifierAES data structures apparently need to be written out in LSB format in Standard2007Engine::writeEncryptionInfo, given that they are always read in LSB format in Standard2007Engine::readEncryptionInfo. Change-Id: I3a1efbfe324b1bbd539b88dc5d40bb44f9676ffa Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103315 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
2020-09-22OUStringLiteral/OStringLiteral coverity PARSE_ERROR workaroundCaolán McNamara
do more like commit 121771e37f7e2de41cd5643475861062bf25627b Date: Mon Sep 21 09:17:54 2020 +0200 Make some OUStringLiteral vars constexpr cause coverity can live with that Change-Id: I9efd7f848289c4865997a44c6780373068422227 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103147 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com>
2020-08-28ofz#24770 oomCaolán McNamara
Change-Id: I0ccae77753fa9a1efb9cb405920f8ee8ffe9fbb2 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/101565 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com>
2020-08-28Change OUStringLiteral from char[] to char16_t[]Stephan Bergmann
This is a prerequisite for making conversion from OUStringLiteral to OUString more efficient at least for C++20 (by replacing its internals with a constexpr- generated sal_uString-compatible layout with a SAL_STRING_STATIC_FLAG refCount, conditionally for C++20 for now). For a configure-wise bare-bones build on Linux, size reported by `du -bs instdir` grew by 118792 bytes from 1155636636 to 1155755428. In most places just a u"..." string literal prefix had to be added. In some places char const a[] = "..."; variables have been changed to char16_t, and a few places required even further changes to code (which prompted the addition of include/o3tl/string_view.hxx helper function o3tl::equalsIgnoreAsciiCase and the additional OUString::createFromAscii overload). For all uses of macros expanding to string literals, the relevant uses have been rewritten as u"" MACRO instead of changing the macro definitions. It should be possible to change at least some of those macro definitions (and drop the u"" from their call sites) in follow-up commits. Change-Id: Iec4ef1a057d412d22443312d40c6a8a290dc6144 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/101483 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
2020-08-27ofz#24934 practically infinite loop on eofCaolán McNamara
Change-Id: Iaa6121f3a0088978c57718610bc9baf9bcfe6fee Reviewed-on: https://gerrit.libreoffice.org/c/core/+/101489 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com>
2020-08-13loplugin:stringstatic also look for local staticsNoel Grandin
Add some API to O*StringLiteral, to make it easier to use in some places that were using O*String Change-Id: I1fb93bd47ac2065c9220d509aad3f4320326d99e Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100270 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2020-07-22ofz#24317 hash too shortCaolán McNamara
Change-Id: I6b2df62f0d18c6918a82a002f1e9a364c877caf1 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99211 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com>
2020-07-20fix --with-tls=openssl build with openssl upgradeCaolán McNamara
Change-Id: I0fece9f692637dc6948355c210534f5333fab7ed Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99030 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com>
2020-07-20fix some warnings with --with-tls=opensslCaolán McNamara
Change-Id: I17cc8919aeecaddb09f2fbf37611b672e4859ff0 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99029 Tested-by: Caolán McNamara <caolanm@redhat.com> Reviewed-by: Caolán McNamara <caolanm@redhat.com>
2020-07-19compact namespace: ooxNoel Grandin
Change-Id: I9ea016adcec334437da45296ee325453347836ae Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99002 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2020-07-15comphelper: don't hardcode hash sizes in Hash::getLength()Miklos Vajna
Instead move the constants from filter to comphelper and reuse them. Change-Id: Ib7061e9028ccf6067b4e86f50145c1472c2b01d4 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/98785 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-07-01Upcoming improved loplugin:staticanonymous -> redundantstatic: ooxStephan Bergmann
Change-Id: I1c6a2852e4794529ec7d55ceae485196a8170e24 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97617 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
2020-05-25[MS-OFFCRYPTO] convert oox implementation into UNO serviceVasily Melenchuk
To permit pluggable crypto services, abstract existing implementation behind an XPackageEncryption API. Previous code already had two halfway-polymorphic classes (agile and standard 2007 engine), so we're not adding much additional layers. As MS crypto always uses OLE storage to wrap content into one single file, current implementation passes all substorage names down into XPackageEncryption APi, so different downstream implementations (e.g. for MS RMS, or Azure AIP) are possible. Because OleStorage classes are internal to LibO core, access is provided via XInput/XOutput stream API function. Change-Id: Icc32a4e0ce215090c3b739f1dcaa0654b36b7f08 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/84436 Tested-by: Jenkins Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2020-04-25make FastParser always take a FastTokenHandlerBase subclassNoel Grandin
since most of the call sites already do, and we can skip the slow path this way. Change-Id: I64ed30c51324e0510818f42ef838f97c401bb6dd Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90326 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2020-03-16tdf#42949 Fix IWYU warnings in oox/source/[cd]*/*cxxGabor Kelemen
Found with bin/find-unneeded-includes Only removal proposals are dealt with here. Change-Id: Ie3c59da7b9e0ad06fcd7f247e47bcc17ea35b17a Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90503 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-01-31new loplugin:namespaceindentationNoel Grandin
check indentation of braces in namespace decls, and the comments that often appear with them. This is my penance for messing up the indentation with clang-tidy-modernize-namespaces. As such I have limited it to new-style namespaces for now, and the check is off by default. Change-Id: I4db7f10a81c79bc0eece8f8e3ee564da8bc7f168 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87723 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2020-01-15clang-tidy modernize-concat-nested-namespace in ooxNoel Grandin
Change-Id: I9877be75e1f7dcefdf7172d05dfbb0a63d06ced1 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86803 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2019-10-17Remove some memset callsMike Kaganski
Replace them with default initialization or calloc Change-Id: I747f53c2ced2d0473fd5a5ede4f8520a0633dcc1 Reviewed-on: https://gerrit.libreoffice.org/80805 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
2019-08-15loplugin:sequenceloop in forms..ooxNoel Grandin
Change-Id: Id742001211e916e7709918e7112902a0c35bac95 Reviewed-on: https://gerrit.libreoffice.org/77501 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2019-08-12Fix typosAndrea Gelmini
Change-Id: Ic981076f76c92fb3112932bb7b5d97d6ec3d3c67 Reviewed-on: https://gerrit.libreoffice.org/77307 Tested-by: Jenkins Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
2019-07-20loplugin:referencecasting in oox..pyunoNoel Grandin
Change-Id: Ie920c154aef3074016704c632b15d99110b219aa Reviewed-on: https://gerrit.libreoffice.org/75974 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2019-07-17tdf#42949 Fix IWYU warnings in include/ooxGabor Kelemen
Found with bin/find-unneeded-includes Only removal proposals are dealt with here. Change-Id: I89303217fd1141b2cfe248e5e6c0818ba01cf9d9 Reviewed-on: https://gerrit.libreoffice.org/75178 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2019-01-22o3tl::make_unique -> std::make_unique in i18npool...reportdesignGabor Kelemen
Since it is now possible to use C++14, it's time to replace the temporary solution with the standard one Change-Id: I8bee1344f7df82536f31bc5e4ec4fd379cac1d04 Reviewed-on: https://gerrit.libreoffice.org/66704 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2018-10-18clang-tidy readability-simplify-boolean-exprNoel Grandin
Change-Id: I78fa01a6c803dec782488490b730af3a11814d64 Reviewed-on: https://gerrit.libreoffice.org/61902 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2018-10-17tdf#42949 Fix IWYU warnings in include/tools/*Gabor Kelemen
Found with bin/find-unneeded-includes Only removal proposals are dealt with here. Change-Id: I9dc920e9388f9e2aa4dcae1f0b3f7562d08f7f70 Reviewed-on: https://gerrit.libreoffice.org/61809 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2018-10-08tdf#42949 Fix IWYU warnings in include/comphelper/[m-z]*Gabor Kelemen
Found with bin/find-unneeded-includes Only removal proposals are dealt with here. Change-Id: I04c5ba277d5b3398c07de6ae66713d977636088d Reviewed-on: https://gerrit.libreoffice.org/61347 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2018-09-17New loplugin:externalStephan Bergmann
...warning about (for now only) functions and variables with external linkage that likely don't need it. The problems with moving entities into unnamed namespacs and breaking ADL (as alluded to in comments in compilerplugins/clang/external.cxx) are illustrated by the fact that while struct S1 { int f() { return 0; } }; int f(S1 s) { return s.f(); } namespace N { struct S2: S1 { int f() { return 1; } }; int f(S2 s) { return s.f(); } } int main() { return f(N::S2()); } returns 1, both moving just the struct S2 into an nunnamed namespace, struct S1 { int f() { return 0; } }; int f(S1 s) { return s.f(); } namespace N { namespace { struct S2: S1 { int f() { return 1; } }; } int f(S2 s) { return s.f(); } } int main() { return f(N::S2()); } as well as moving just the function f overload into an unnamed namespace, struct S1 { int f() { return 0; } }; int f(S1 s) { return s.f(); } namespace N { struct S2: S1 { int f() { return 1; } }; namespace { int f(S2 s) { return s.f(); } } } int main() { return f(N::S2()); } would each change the program to return 0 instead. Change-Id: I4d09f7ac5e8f9bcd6e6bde4712608444b642265c Reviewed-on: https://gerrit.libreoffice.org/60539 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
2018-08-27Fix build in the !(USE_TLS_OPENSSL + USE_TLS_NSS > 0) caseTor Lillqvist
Change-Id: I746f0f322082e81cc47322989634322a0659aa73
2018-08-16ofz: timeoutCaolán McNamara
Change-Id: I98fd5135eb47b518a97238ae981a0083f2e29f67 Reviewed-on: https://gerrit.libreoffice.org/59214 Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>
2018-08-13loplugin:returnconstant in oox,packageNoel Grandin
Change-Id: I1dade7ddde6b1e226861d32f24f65be5bb9d9352 Reviewed-on: https://gerrit.libreoffice.org/58880 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2018-08-10Resolves: rhbz#1614419 FIPS mode PK11_ImportSymKey failureCaolán McNamara
use rhbz#1461450 style workaround Change-Id: I9e3b17deb9bac6af76ac253634c91d5e8ccd4963 Reviewed-on: https://gerrit.libreoffice.org/58816 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>
2018-08-01forcepoint#54 null derefCaolán McNamara
Change-Id: I9ca04647b16f90bb2d2d4aa0d25b08a09c408fe0 Reviewed-on: https://gerrit.libreoffice.org/58382 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>
2018-07-23Fix typosAndrea Gelmini
Change-Id: I22c02c9d4e121d3cb3b68be9a5c845e9e45cc123 Reviewed-on: https://gerrit.libreoffice.org/57603 Reviewed-by: Julien Nabet <serval2412@yahoo.fr> Tested-by: Jenkins
2018-07-23loplugin:unusedfieldsNoel Grandin
Change-Id: I1827262ad95942cacff589929f9436f8383cf142 Reviewed-on: https://gerrit.libreoffice.org/57642 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2018-07-15coverity#1437958 Uninitialized pointer fieldCaolán McNamara
Change-Id: I569c4367cc968f968c0f864bb3e231a7417d7560 Reviewed-on: https://gerrit.libreoffice.org/57454 Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>
2018-07-14fix oss-fuzz buildCaolán McNamara
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9301 Change-Id: Iceb25764c483e20f09fe976d1271987643990aaf
2018-07-07oox: Handle agile encryption info "reserved" field correctlyTomaž Vajngerl
The "reserved" filed is written fter the version number major, minor which is used to identify the encryption as agile. The "reserved" field must always have the value 0x00000040. This change writes the reserved filed correctly and when encryption and when decrypting it checks the value an potentially bails out if it desn't contain the expected value. Change-Id: I2045dc64e0c6bbb3318384e25deef2ba8f41b94c Reviewed-on: https://gerrit.libreoffice.org/57140 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
2018-07-06oox: Agile encryption and data integrity verificationTomaž Vajngerl
This adds agile encryption for OOXML documents. Previously we always used the standard encryption used in MSO 2007 for max. compatibility, but new MSO versions (2010+) use the agile encryption, which allows more strong encryption methods (AES256 with SHA512). With this change we can now use do AES128 with SHA1 or AES256 with SHA512 encryption. In addition the agile encryption has data verification with HMAC hashing. With this change we also now write the data verification hash into the encrypted document and in addition also do data verification when opening / decrypting a document, so to make sure the document is not corrupted. Change-Id: Ib45d397df228c355941eefb76d51e5d6f8925470 Reviewed-on: https://gerrit.libreoffice.org/56974 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
2018-07-06oox: Standard2007Engine - take size into account when decryptingTomaž Vajngerl
Change-Id: I3a28344d28136c9785a9476b490d296143abfacf Reviewed-on: https://gerrit.libreoffice.org/56973 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
2018-07-06oox: move reading of the encryption info into the crypt engineTomaž Vajngerl
Change-Id: I92345cd8a0f9fc9172ae087e1bc1a16afdd67d8a Reviewed-on: https://gerrit.libreoffice.org/56972 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>